Job Specifications
Job Title: Senior Information Security Risk Analyst (Contractor)
Location: Oakland, CA (Onsite)
Duration: 12 Months
Role Summary:
We are seeking a Senior Information Security Risk Analyst to support the review, update, and risk assessment of enterprise cybersecurity standards. This role will be central to facilitating cross-functional stakeholder engagement, evaluating technical and operational impact, documenting risk decisions, and guiding standards through the established change management process.
Key Responsibilities:
Facilitate the review of the lifecycle of cybersecurity standards.
Conduct and document business impact assessments (BIA) for proposed updates to the cybersecurity standards, focusing on operational, compliance, and support implications.
Partner with SMEs in Cybersecurity, IT, Compliance, and Audit to validate revisions.
Coordinate and document working sessions, gathering stakeholder feedback and aligning final decisions.
Draft, edit, and version-control cybersecurity operational and technical standards documentation.
Maintain clear and audit-ready documentation of change rationale, versioning, and governance approvals.
Support communication and training coordination planning for standards with operational impact.
Track and report status across multiple concurrent standards updates.
Ensure all work aligns with Cybersecurity Standards Management Platform processes and NIST CSF-aligned control frameworks.
Required Skills & Experience:
7+ years in information risk management, standards governance, or IT compliance roles
Strong understanding of IT infrastructure, enterprise operations, and risk impact assessment methodologies
Experience conducting or supporting business impact assessments (BIA) (technical and business)
Proficient in project facilitation, stakeholder engagement, and governance coordination
Excellent technical writing skills for standards, procedures, and governance risk documentation
Working familiarity with frameworks such as NIST CSF, NIST 800-53, ISO 27001, or CIS Controls
Experience using tools like SharePoint or GRC platforms
PMP, CISSP, CRISC, or similar certification is a plus
Ideal Candidate Profile:
Able to translate standards changes into operational and risk-oriented impacts
Comfortable working independently while coordinating across multi-disciplinary teams
Strong attention to detail, strong organisational skills, and commitment to documentation quality and follow-through.
Thrives in a structured, process- and governance-driven environment.
About the Company
Born in Silicon Valley, 2006. Our ambition was to craft world-class teams to empower businesses facing tech's relentless tide. But ambition evolved. We saw beyond mere teams, towards engineering groundbreaking products, hand-in-hand with clients.
Beginning with modest origins, we've evolved into trusted advisors serving over 120 companies across 12 countries, grounded in three fundamental pillars of talent:
1. Innovation: With a worldwide presence and an unwavering commitment to personalized service, we create bespoke solu...